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AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) A system to facilitate s ubstai rtt a t l y secure communication of data 
from a user-level process, comprising: 

at least a first queue associated with [[the]] a first process, such that the process is 
operative to directly communicate a message relative to the first queue; and 

a first communication context operative to communicate the message between the first 
queue and a second communication context; 

wherein communication between the first queue and the first communications context is 
controlled based on whether an appropriate association exists between the first queue and the 
first communications context, the association between the first queue and the first 
communications context being provided through a privileged operation not adjustable by the 
user - level first process , the association between the first queue and the first commur\ication 
context requires membership to a common domain . 

2. (Original) The system of claim 1, wherein the first queue and the first communication 
context reside at a first node that is different fix>m that of the second conununication context. 

3. (Original) The system of claim 2, further comprising an interface at the first node 
operative to validate messages communicated from the first queue to the first communication 
context. 

4. (Original) The system of claim 3, wherein the interface is operative to prevent messages 
from being communicated &om the first queue to the first communication context if an 
association mismatch exists between the first queue and the first connimunication context. 



5. 



(Cancelled) 
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6. (CuTxently Amended) The system of claim Z, [[5]], further comprising a secotid queue 
associated with a second process at the first node, such that the second process is operative to 
directly communicate a message to the second queue. 

7. (Original) The system of claim 6, wherein the second queue is associated with the 
common domain through a privileged operationj such tliat the first and second queues can share 
the first communication context to communicate messages through a channel defined by the first 
communication context and the second communication context, each of the first and second 
queues being operative to communicate messages with at least one process at a node where the 
second communication context resides. 

8. (Original) The system of claim 7, wherein the first process further comprises a process 
operating in a user mode and the second process comprises a process operating in a user mode. 

9- (Original) The system of claim 6, further including a third communication context 
associated with the second queue through a privileged operation at the first node, the third 
communication context enabling commimication between the third communication context and a 
fourth communication context that resides a node different from the first node. 

10, (Original) The system of claim 9, wherein the common domain is a first domain, the 
association between the second queue and the third communication context corresponding to a 
second domain that is different fi:om the first domain, wherein each communication channel 
established in the second domain is isolated fi:om each channel established in the first domain, 

1 1 . (Original) The system of claim 1^ wherein the first queue and the first communication 
context reside at a first node that is different from a second node at which the second 
communication context resides, the system further comprising a tliird corrmiunication context at 
the first node to enable communication of messages between the third commiraication context 
and a fourth communication context tliat resides at a third node that is different firom the first 
node. 
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12. (Original) The system of claim 1 1 , wherein the first queue is associated with the third 
communication context through a privileged operation, such that the first process is operative to 
communicate the message over a commmiication channel established between the third 
communication context and a fourth communication context that resides at the third node, which 
is different from the second node. 

13. (Original) The system of claim 1 1, wherein the first queue and the first communication 
context are associated so as to be part of a first domain, the system further comprising a second 
queue is associated with a second process, the second queue being associated with a third 
communication context so as to be part of second domain that is isolated relative to the first 
domain. 

14. (Currently Amended) A system to facilitate communication of data, comprising: 
a virtual hardware component at a first node operable to communicate a message 

received direcdy from an associated process; and 

a first channel endpoint established at the first node, the first channel endpoint being 
operative to communicate messages to a second channel endpoint residing at a second node; 

wherein each of the virtual hardwag component and the first charmel endpoint is 
associated with a respective domain through a privileged operation at the first node, 
communication of messages between the virtual hardware component and the first channel 
endpoint being controlled based on validation of the respective domains for the virtual hardware 
component and the first chamiel endpoint being a common domain . 

15. (Currently Amended) The system of claim 14, wherein hardware at the first node is 
operative to prevent messages team being sent between the virtual component and the first 
channel endpoint in response to detecting an invalid association between the virtual hardware 
component and the first channel endpoint. 
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16. (Currently Amended) The system of claim 14, wherein the virtual hardware component is 
a first virtual component, the system further comprising a second virtual hardware component 
operative to communicate a message directly with an associated process at the first node. 

17. (Currently Amended) The system of claim 16, wherein the second virtual hardware 
conujonent and the first virtual hardware component are members of a common domain, domain 
membership being assigned through a privileged operation not adjustable by the first or second 
process, wherein the first and second virtual hardware components are operative to share the first 
channel endpoint of the first node, such that each of the first and second processes can 
conmiunicate messages with at least one process at the second node. 

1 8. (Original) The system of claim 14, further including a third channel endpoint at the first 
node, the third channel endpoint being operative to communicate messages with a fourth channel 
endpoint that resides at a node different firom the first node. 

19. (Currently Amended) The system of claim 1 8, wherein the virtual hardware component is 
a first virtual hardware component, the system fiirther comprising a second virtual hardware 
component at the first node that is associated with the third channel endpoint through a 
privileged operation at the first node. 

20. (Original) The system of claim 1 9, wherein each of the first and third channel endpoints 
belongs to different domains, such that each communication channel established between 
associated channel endpoints in one of the domains is isolated from each commumcation channel 
established between associated channel endpoints in each other of the domains. 

21 . (Original) The system of claim 19, wherein each of the first and third channel endpoints 
belongs to a conunon domain, such that each of the first and second processes at the first node is 
operative to share first and third channel endpoints to respectively communicate a message with 
at least one process at the second and third nodes based on data in the respective message. 
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22, (Currently Amended) A system to facilitate communication of data, comprising: 
storage means for receiving a message provided directly from a user-level process, 
communication means associated with the storage means for, upon validation of a 

common domain association between the storage means and the communication means, sending 
the stored request to a corresponding communication means at another node in the system; and 

validation means for validating the association between the storage m^ns and the 
communication means, the storage means and the communication means being associated in a 
privileged operation not adjustable by user-level processes. 

23. (Original) A system to facilitate communication of data, comprising: 

virtual storage means at a first node for storing a message for direct communication 
relative to a user-level process; 

endpoint communication means at the first node for means for, upon determining a 
common domain membership for the storage means and the endpoint communication means, 
enabling communication between the virtual storage means and the endpoint communication 
means; and 

control means for independently controlling domain membership for each of the virtual 
storage means and the endpoint communication means. 

24, (Original) The system of claim 23, wherein the endpoint communication means further 
includes means for preventing communication of messages between the virtual storage means 
and the endpoint communication means in the absence of a common domain membership among 
virtual storage means and the endpoint communication means. 

25. (Original) The system of claim 23, wherein the endpoint communication means further 
includes means for permitting communication of messages between the virtual storage means 
and the endpoint communication means when common domain membership exists among virtual 
storage means and the endpoint communication means. 
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26. (Currently Amended) A computer-readable medium having computer-executable 
instructions for: 

in a privileged mode, setting domain membership for a queue of a first node and setting 
domain membership for a communication component of the first node, the communication 
component of the first node being operable to communicate messages with a corresponding 
conununication component at a second node, the domain membership being inaccessible by 
user-level processes, the queue being mapped into memory of an associated user-level process at 
the first node, such that the user-level process can communicate directly with the queue; and 

controlling commimication of message between tlie queue and the communication 
component based on the domain membership set for each of the queue and the communication 
component being the same . 

27. (Original) Hie computer-readable medium of claim 26 having further computer- 
executable instructions for providing an error message to the associated user-level process if the 
domain membership between the queue and the communication component is invalid. 

28. (Original) The computer-readable medium of claim 26 having jfiirther computer- 
executable instructions for analyzing the message to identify which of a plurality of 
communication contexts is designated and validating donaain membership between the queue 
and the designated communication context to control communication of the message between the 
queue and the designated conmiunication context. 

29. (Currently Amended) A method to facilitate communication in a system architecture in 
which a process is operative to communicate a message directly with a storage component 
coupled to at least one local communications component m a node for communicating the 
message for receipt by a second conmiunications component, the method comprising: 

associating the storage component with a domain for temporarily storing the message; 
associating the local communications component with a domain; and 
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controlling communication of a message between the storage component and the local 
communications component based on the domain of the storage component and the domain of 
the local communications component beine identical . 

30. (Original) The method of claim 29, wherein the domain for the storage component and 
tlie domain for the association of the local communications component are implemented 
independently in privileged operation not adjustable by tlie user-level process. 

3 1 . (Original) The method of claim 30, wherein the controlling further comprises validating 
the domain of the storage component relative the domain of the local communication component. 

32. (Original) The method of claim 31, further comprising preventing communication of the 
message from the storage component to the communication component in the absence of a match 
between the domain of the storage component and the domain of the communication component. 

33- (Original) The method of claim 32, further comprising generating an error message in the 
absence of a match between the domain of the at least part of the storage component and the 
domain of the communication component 

34. (Original) The method of claim 32, further comprising sending the message from the 
storage component to the communication component in response to a valid association existing 
between the domain of the storage component and the domain of the communication component, 

35. (Original) The method of claim 30, further comprising discemmg from the message 
which of at least one of a plurality of communication components is designated and validating 
association between the storage component and each designated communication component to 
control communication of the message between the storage component and each designated 
communication component. 
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